Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    OpenVPN tunnel as backup?

    Scheduled Pinned Locked Moved Routing and Multi WAN
    2 Posts 1 Posters 695 Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • K
      kthelen
      last edited by

      Hello all!

      Right now I have two sites running pfSense. Both are connected to the Internet.

      Primary site: 10.12.1.254/24
      Satellite site: 10.12.9.254/24

      The primary site runs OpenVPN Server, and the satellite site connects to it, forming a tunnel. Rules are configured as such that machines on both sides of the tunnel can access one another. This has worked fine - but the satellite site has a very low bandwidth Internet connection, so I'd been wanting to upgrade.

      Today I installed a wireless link between the two sites. It's basically a point-to-point WiFi connection, bridged only, which is functionally equivalent to a really long Ethernet cable.

      I'd like to attach both pfSense boxes to this wireless link, set up routes, and get the same behavior as we have now - that part would be fairly simple. What's a bit more difficult is, should that link fail (ie. pfSense boxes can no longer ping one another), I'd like to automatically bring up the OpenVPN connection and use that until the link recovers.

      Can anyone point me in the right direction on this? Thanks!

      –Keith

      1 Reply Last reply Reply Quote 0
      • K
        kthelen
        last edited by

        I think I've gotten a bit closer… added a virtual interface for the OpenVPN tunnel in question, which should open the door to doing failover in the usual way. The OpenVPN connection would always be up (as opposed to started when needed), but I can live with that. Will see if I can feel my way through it.

        I'd still appreciate hearing from anyone who's done this before, though!

        1 Reply Last reply Reply Quote 0
        • First post
          Last post
        Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.